Trader Joe DEX Suffers Frontend Security Breach, Prompts User Warnings

Trader Joe Ranks in the Top 5 Decentralized Exchanges List

The popular decentralized exchange (DEX) Trader Joe announced a security breach in its frontend interface on Nov. 17. 

The breach, identified in a third-party analytics plugin, potentially exposed numerous users, prompting immediate action by the platform’s team. 

The Trader Joe team discovered the vulnerability during a routine check, revealing compromised JavaScript code in an analytics tool. The breach occurred at approximately 18:34 GMT, impacting all chains including Avalanche (AVAX), Arbitrum (ARB), and Ethereum (ETH). 

The team quickly removed the malicious code and temporarily shut down the frontend to mitigate risks. The incident rerouted some users’ transactions to an unknown contract – “0xd8ea…33581bf.” Trader Joe urged affected users to revoke access given to this contract. 

In response, Trader Joe advised users to check and revoke approvals of the malicious contract using token approval checkers and wallet services. The DEX also emphasized confirming contract addresses during transactions using their developer documents. The Trader Joe Discord provided guided support.

Following investigation and remediation, Trader Joe has restored its frontend, ensuring it is safe for trading, liquidity, staking and lending. The DEX aims to prevent future vulnerabilities by eliminating third-party integrations. 

Also Read: Tron Founder Offers Hackers $10 Million Bounty to Return Funds

Related Posts